Ransom demands are down, email is the top way attackers get in
An employee opens an email that looks like any other, clicks a link, and gives up a password without noticing. A stolen login opens a door deeper in the network. Files stop …
Companies keep getting breached by vulnerabilities they already knew about
Scanning tools have gotten good at their work. Organizations now find more weaknesses across more of their systems than at any earlier point in the industry’s history. A …
Finance phishing works because it sounds boringly normal
Finance departments process a constant stream of invoices, contracts, payment notices, and procurement emails, making email one of the most common initial access vectors for …
AI used to help plan the break-in, now it’s doing the break-in
Over the past twelve months, researchers documented intrusions in which AI ran exploitation workflows autonomously, generating thousands of commands across dozens of sessions …
The best defense against AI attacks turns out to be a skeptical human
Analysts across the security industry now run generative AI through their daily work, from log triage to incident write-ups. Active use in cybersecurity strategy reached 78% …
99.9% of fixable AI vulnerabilities remain unpatched
Organizations build, deploy, and operate AI in the cloud, but basic cybersecurity hygiene is often sacrificed for speed, according to Orca Security’s 2026 State of AI Security …
Enterprises are rethinking where their AI applications run
Growing demand for compute capacity, power, cooling and low-latency connectivity is prompting organizations to reassess where AI applications run, according to CoreSite. …
Only 28% of financial workforce MFA is phishing-resistant
Passwords remain part of many workforce authentication flows in financial organizations, making phishing and credential theft major identity security risks, according to a new …
Messaging fraud trends point to smarter attacks, stronger blocking
Fraudsters spent 2025 investing in scale. New routes, new tools, and higher message volumes moved through the SMS, voice, and chat channels that businesses rely on to reach …
Thousands of malicious AI skills found capable of stealing data, running malware
AI agents can browse the web, use external tools, execute commands, and perform tasks on behalf of users. Many rely on skills that define how they interact with services and …
OpenAI and Anthropic are pulling in different directions
Companies are handing routine operational decisions to AI agents that plan, remember, and act on their behalf. These agents run on statistical models, and their behavior can …
Power shortages could slow AI data center expansion
AI adoption is increasing demand for data center capacity at the same time operators are running into limits around power, equipment, land, and permitting, according to NTT …